[1] https://www.reddit.com/r/Bitcoin/comments/3bmbi5/mits_bitcoi...
Or more like I can send an encrypted list of passwords and they can tell me what the most common letter is in all the passwords without ever knowing any of the passwords?
If these things aren't possible, can someone provide a useful example of this being used to solve a problem? I'm having a bit of trouble actually understanding what this is/does.
But what fully homomorphic encryption allows you to do is to perform arbitrary computations on encrypted data.
So you send your encrypted data to a machine, it performs the computation, and sends it back to you still encrypted. Like the password list example you mentioned.
What is cool about this is that it solves the problem with privacy in cloud computing platforms. You don't expose your data.
NOTE: I'm not a cryptographer, nor have I read the article yet. Just writing what I can remember.
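An added example, not part of the original thread and not Enigma's code: the password-list scenario from the comments above, run with a toy Paillier scheme. Paillier is only additively homomorphic (not fully homomorphic), which is enough for a letter histogram; the key size, function names and sample passwords are assumptions made for the demonstration.

```python
import math
import secrets
import string
from collections import Counter

# Toy Paillier key from two known Mersenne primes: demo size only, not secure.
P, Q = 2**31 - 1, 2**61 - 1
N, N2 = P * Q, (P * Q) ** 2
LAM = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)  # private key: lcm(p-1, q-1)
MU = pow(LAM, -1, N)                               # valid because g = N + 1
ALPHABET = string.ascii_lowercase

def encrypt(m):
    """Public-key operation: c = (N+1)^m * r^N mod N^2 with fresh random r."""
    r = secrets.randbelow(N - 2) + 2
    while math.gcd(r, N) != 1:
        r = secrets.randbelow(N - 2) + 2
    return pow(N + 1, m, N2) * pow(r, N, N2) % N2

def decrypt(c):
    """Private-key operation: m = L(c^lam mod N^2) * mu mod N, L(x) = (x-1)//N."""
    return (pow(c, LAM, N2) - 1) // N * MU % N

def client_encrypt_password(password):
    """Client: encode one password as 26 encrypted per-letter counts."""
    counts = Counter(ch for ch in password.lower() if ch in ALPHABET)
    return [encrypt(counts[ch]) for ch in ALPHABET]

def server_aggregate(encrypted_rows):
    """Server: has no private key; multiplying ciphertexts adds the plaintexts."""
    totals = [1] * len(ALPHABET)          # 1 is a trivial encryption of 0
    for row in encrypted_rows:
        totals = [t * c % N2 for t, c in zip(totals, row)]
    return totals

def client_most_common(encrypted_totals):
    """Client: decrypt the aggregated histogram and pick the top letter."""
    counts = {ch: decrypt(c) for ch, c in zip(ALPHABET, encrypted_totals)}
    return max(counts, key=counts.get), counts

SAMPLE_PASSWORDS = ["hunter2", "letmein", "password1"]  # constructed sample input

def run_demo():
    rows = [client_encrypt_password(p) for p in SAMPLE_PASSWORDS]
    return client_most_common(server_aggregate(rows))

if __name__ == "__main__":
    letter, counts = run_demo()
    print(letter, counts[letter])
```

The server only ever handles ciphertexts and returns an encrypted histogram; the answer exists in the clear only after the key holder decrypts it.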
Would homomorphic encryption make it possible for cloud hosting to run a website without knowing the code that is being run?
Or at least having skimmed the white paper, and having some background in this, that was my take away.
EDIT: Your explanation of homomorphic encryption is a good way to explain it at a level people can understand just what a breakthrough a workable implementation would be.
Since the paper states that all nodes must collude to recover (not decrypt) the data I would assume that the pieces are encrypted asymmetrically for each node to ensure a sufficiently powerful man in the middle (cough NSA) doesn't just reassemble the pieces.
8.10 Bitcoin Wallet
1. Decentralized private key generation – Multiple Enigma nodes locally create a segment of the key, whereas the full key is only ever assembled by the user. No trail of evidence is left anywhere.
2. Decentralized transaction signing – Transactions signed without ever exposing the private key or leaving a trail.
3. Decentralized controls - Set spending limits, multi-sig, CHECKLOCKTIMEVERIFY like controls, and more with a private script. Lock time,
So you could store your own list of favorite music bands in the cloud and share that with say Spotify or Pandora to get personalized recommendations, but nobody else knows about it. Then you store your favorite authors in another location which only Amazon has access to. Or your medical records could be kept in the cloud and only shared with your personal doctor, then easily transferred to another doctor if you switch.
This seems like a great solution for storing these small pieces of personal information in the cloud without having to give them all to a central authority like so many people do with Facebook currently.
The most important idea imo is that companies can never claim ownership of personal data because they never have access to it. Another cool idea is that if you have a currency that can be cashed in for fractional computing power on the network you could pay tech companies in computing power, either providing it from a device you own or paying for it with the currency.
I look forward to the papers/code that they release.
Edit: I'm not really clear on this, is there any currency component to Enigma? I was thinking there could be a currency that's a transferrable debt of fractional computing power of the network.
Edit 2: Apparently it isn't a currency and uses bitcoin for fees...
Edit: actually it does appear a goal is to share computing power though I know less about those details compared to the data distribution. Ref: https://forum.safenetwork.io/t/homomorphic-encryption-by-mit...
Citation needed, the only thing I've seen maidsafe do is take people's money
I have been watching http://www.zennet.sc/ which is the closest I have found but maidsafe seems pretty interesting as well.
You are correct about using stored work to pay for other compute being interesting. I believe this is actually the nature of reality, not just some newfangled thing we're getting around to 'inventing'. I will note this is an opinion of a futurist, so it is what it is.
At the least, compute federation is enabled with cryptocurrencies. They give you a way to pay for use (payments), identify with them (identity management) and a way to standardize the use of the compute (immutable data structures).
One of my friends informed me that the idea of currencies backed by computing power has existed for a long time in science fiction so perhaps we'll see these specific kinds of systems soon.
People can earn money by attaching their machines to the network (but they have to include a security deposit). Then they will collect fees from users for each request processed as well as a set fee for storage.
The application developer will then use a provided scripting language (I am not sure if they actually write the application using this language or if it is just for ensuring a contract). They will need to continually pay storage fees or their data will be disabled and eventually deleted.
I would like to see examples of the scripting language they reference.
I don't believe centralized/public clouds will disappear anytime soon. However, there simply aren't any privacy-preserving alternatives out there. We're hoping to change that.
Also, your description is accurate. We'll be releasing our code and some dev-friendly documentation for the beta soon. You're welcome to sign up at http://enigma.media.mit.edu.
I mean, the way the web currently works is that I trust some server to host my data. I can have this service auth an external consumer site and display data in an iframe, say, which the consumer site can't get at. This is good enough for displaying people their personalized info (name, friends) on various services (eg directions to their house in an iframe, for a user authenticated with my chosen provider).
But to go further, what if I don't want to trust any provider?
Then I could simply encrypt the data and store encrypted data with the provider (or providers for redundancy). The authentication could be replaced with visitors holding a key to decrypt the data (because I gave it to them) and I can switch to using some other key and effectively "unfriend" those who don't get my updated key.
But all this is good enough for displaying data and files I upload. Now, why would I want to do operations on those files "in the cloud" without trusting a provider? I am already trusting my friends with the data, since they can reshare it once it's displayed to them. So why not trust a provider? One of my friends can run the provider.
I guess the only scenario I see it being useful is if all my friends can only have limited access to the data and all manipulations on the data are collaborative, and that's where the homeomorphism comes in. Perhaps no one will be able to see the whole data and it's not really about data at all, but views of some Enigmatic process running on some network (like an autonomous corporation). Is that the use case?
One problem is that it's slower. 100x slower.
Huh, last I read something about this, it seemed like every multiplication needed multiple network messages, but I guess they solved that problem.
Sounds exciting! I am excited!
1) Electricity used.
This scheme only multiplies the computing requirements for a calculation by less than 100 fold
It's bad enough that bitcoin mining itself is so energy intensive, but now we're coming up with additional power-hungry schemes.
2) (Ab)use of the blockchain:
Enigma stores that metadata in the bitcoin blockchain, the unforgeable record of messages copied to thousands of computers to prevent counterfeit and fraud in the bitcoin economy
So eventually the whole world will use the one true blockchain for "unforgeable records" of everything? Eventually the chain will grow by what, 1 GB per hour, 1 GB per minute, 1 GB per second?
The 100x multiple is to the cost of normal computation. Normal, unsecured, visible to your hosting provider, etc, computation. Companies already pay huge amounts for securing computation so a pure mathematical way to do it that's only 100 times the base cost of the CPU time is actually a huge savings to many.
You don't have to run your whole webserver this way, just the payment processing pieces...
2) What will happen is pure guessing because it depends on the hidden motives of others via market (and other) dynamics.
But the options are roughly,
A) The bitcoin blockchain remains at today's general capacity. In this case the price per blockchain/byte will increase and people will use side-chains and "link" them back in as they feel appropriate. You will have the option of downloading sidechains you care about.
B) The bitcoin users decide on one of the proposals to increase the blockchain capacity dramatically - and all of these offer some form of prunability so you don't need to hold the GBs of stuff you don't care about in order to strongly verify the things you do care about (like the balance of someone who's paying you)...
C) Some other currency which solves these things really is the "one".
But these questions didn't need asking. They're needlessly critical - as if technologies should (or even could) all be invented at greater than 100% ROI just out of thin air, and as if market dynamics wouldn't handle things anyway. If this solution is too expensive, nobody will use it. There are no externalities involved here, nobody is getting a free lunch; they'll only pay for it if it helps them overall.
1) More electricity is used, but it has some benefits. What is the social and financial cost of data breaches and identity theft? Hopefully at scale a system like Enigma can help with that.
2) At scale, you are correct. Blockchain scaling is a problem that a lot of people are working on, hopefully it will be solved in one way or another. If it doesn't, we'll need to find another solution or Enigma will fail.
The second point is something I've asked myself without any clear answer. Interested too in learning more about this.
A better response than mine had already been posted by the time I finished writing mine. As such you may wish to skip reading my response. However, I'll let my response remain here anyway. /EDIT
1)
I'm not sure why this would have a power cost significantly comparable to bitcoin. This seems like the power use would be akin to using a computer which uses power inefficiently, which doesn't seem terrible.
It seems inevitable that a system that serves the same purpose would take more resources, seeing as the computation has to be done in multiple places, and as such, a relatively small constant factor doesn't sound terrible (not sure how one could hope for better).
It is not as if the programs which are written to run in web browsers now would have been written to allow as much inefficiency in equivalent desktop programs 14 years ago, right?
Does not sending an encrypted message to someone take a constant factor more time to send than it would to send it plaintext? (referring to time it takes to send and receive, not the time during actual transit)
2)
It uses a blockchain (bitcoin's) to store some data, but that would just store some transactions, and from what I can tell it shouldn't significantly increase the electricity required by the bitcoin network?
I guess it could contribute to blockchain size (I'm not sure how much data needs to be stored for the commitments).
re: "one true blockchain" :
I assume that if this were to be adopted in such numbers, either some scalability things would be added to bitcoin, or this or something like this would be transferred to some other more scalable blockchain, using something like hypercube chains or something like that. A program running using a system like this would be fine using just one of the subchains, and the people using it would mostly only have to keep track of that subchain (and I guess the chain that ties the subchains together), so because more subchains can be added whenever they are needed, the size of the subchain being used would presumably not grow at unacceptable rates.
notes:
I do not own any bitcoin. The only cryptocurrency I own any of is testnet ether, which is for a testnet. Additionally I have not made any wagers about the success of any cryptography technologies, and am not employed in any cryptography related field. I don't think I have any financial incentives to promote any particular view about any given cryptography technology.